Getting unexpected output in program
Question
Here is code:
String sql_1 = "select emp_id,password from regid";
ResultSet rs = st.executeQuery(sql_1);
while(rs.next())
{
if(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true)
{
// String sql2="update regid set regid='"+Datastore.regIds.add(regId)+"' where emp_id='"+employee+"'";
// st.executeUpdate(sql2);
System.out.println("2> Employee Id : "+employee+" && Password : "+password);
System.out.println("3> This employee "+employee+" exsists in the database and registration-password id will be Updated");
// resp.setStatus(HttpServletResponse.SC_OK);
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
out.print("<html><body>");
out.print("<head>");
out.print("<title>Policy Page</title>");
out.print("<link rel='icon' href='../images/favicon.png'/>");
out.print("</head>");
String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
if (status != null)
{
out.print("Status :"+status);
}
List<String> devices = Datastore.getDevices();
if (devices.isEmpty())
{
out.print("<h2>No devices registered!</h2>");
}
else
{
out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
out.print("<form name='form' method='POST' action='sendAll'>");
out.print("<input type='text' name='policy'>");
resp.setStatus(HttpServletResponse.SC_OK);
out.print("<input type='submit' value='Apply Policy'>");
out.print("</form>");
// System.out.println(HTTP_STATUS);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher("/home").forward(req, resp);
}
out.print("</body></html>");
resp.setStatus(HttpServletResponse.SC_OK);
}
else {
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
System.out.println(HttpServletResponse.SC_BAD_REQUEST);
System.out.println("4> This employee "+employee+" does not exsist in the database");
}
}
// rs.close();
}
But I'm getting output like,but I'm putting the correct emp_id & password(still it's showing 4> + java.lang.illegalstateexception (don't know why ?? :( )):
1> Employee : P1 && Password : ppp
400
4> This employee P1 does not exsist in the database
2> Employee Id : P1 && Password : ppp
3> This employee P1 exsists in the database and registration-password id will be Updated
400
4> This employee P1 does not exsist in the database
any idea.....why it's happening ?
2 answers
solution1
2 ACCPTED 2012-09-27 13:44:01
It's happening because you algorithm consists of:
- Iterate through all employees
- If employee matches ID/password, print 2>, else print 4>
So you'll have one 2>, 3> output for the one that matches and all the others will give you the error 400.
Instead, you can iterate through all your employees (although it might be best to add a criteria to your SQL to narrow down the result set by password and employee ID), don't output an error unless you have exhausted all the results and did not find the matching one.
PreparedStatement stmt = null;
try {
stmt = new PreparedStatement("select * from regis where emp_id=? and password=?");
stmt.setString(1, employee);
stmt.setString(2, password);
ResultSet rs = stmt.executeQuery();
if(rs.next()) {
System.out.println("2> Employee Id : "+employee+" && Password : "+password);
System.out.println("3> This employee "+employee+" exsists in the database and
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
out.print("<html><body>");
out.print("<head>");
out.print("<title>Policy Page</title>");
out.print("<link rel='icon' href='../images/favicon.png'/>");
out.print("</head>");
String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
if (status != null)
{
out.print("Status :"+status);
}
List<String> devices = Datastore.getDevices();
if (devices.isEmpty())
{
out.print("<h2>No devices registered!</h2>");
}
else
{
out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
out.print("<form name='form' method='POST' action='sendAll'>");
out.print("<input type='text' name='policy'>");
resp.setStatus(HttpServletResponse.SC_OK);
out.print("<input type='submit' value='Apply Policy'>");
out.print("</form>");
// System.out.println(HTTP_STATUS);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher("/home").forward(req, resp);
}
out.print("</body></html>");
resp.setStatus(HttpServletResponse.SC_OK);
}
else {
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
System.out.println(HttpServletResponse.SC_BAD_REQUEST);
System.out.println("4> This employee "+employee+" does not exsist in the database");
}
}
catch(Exception e) {
e.printStackTrace();
}
finally {
try {
stmt.close();
} catch(Exception x) {}
}
solution2
2 2012-09-27 13:46:01
Your indentation isn't helping you. You're looping through all the employees, and comparing the username and password for each of them - so sometimes you'll get a match, and sometimes you won't.
There are multiple problems with this code:
- If you're only looking for one result, don't ask the database for all the rows! You should be passing query parameters and doing the filtering in the database. You can then work out whether or not you've got a match just by seeing whether there are any rows in the result or not.
- Your indentation makes it hard to see what's going on
You're using huge numbers of unnecessary brackets and comparisons with
true, egif(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true)would be better as
if(employee.equals(rs.getString("emp_id") && password.equals(rs.getString("password"))You appear to be using plain text passwords. Don't do this.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.